wpscan

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. (by wpscanteam)

Stats

Basic wpscan repo stats
8
5,844
8.7
11 days ago

wpscanteam/wpscan is an open source project licensed under Dual, which is not an OSI approved license.

Wpscan Alternatives

Similar projects and alternatives to wpscan

  • GitHub repo SecLists

    SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  • GitHub repo privilege-escalation-awesome-scripts-suite

    PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

  • GitHub repo ModSecurity

    ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

  • GitHub repo WordPress-Coding-Standards

    PHP_CodeSniffer rules (sniffs) to enforce WordPress coding conventions

  • GitHub repo vane

    A GPL fork of the popular WordPress vulnerability scanner WPScan

  • GitHub repo custom-wordlists

  • GitHub repo bh-wp-plugins-page

    Tidies up common annoyances in WordPress admin's plugins page.

NOTE: The number of mentions on this list indicates mentions on common posts. Hence, a higher number means a better wpscan alternative or higher similarity.

Posts

Posts where wpscan has been mentioned. We have used some of these posts to build our list of alternatives and similar projects - the last one was on 2021-06-03.
  • Finding security vulnerabilities in a WordPress plugin
    reddit.com/r/Wordpress | 2021-06-03
  • Boss wants vulnerability scans completed on Linux servers and WordPress websites.
    reddit.com/r/hacking | 2021-05-03
    Linux Servers (Remotely): nmap -> nmap -sC -sV -p- ipHere
    WordPress Websites: wpscan -> wpscan --url http://site.com/
  • How do I check a plugin someone wrote for me for security vulnerabilities?
    reddit.com/r/Wordpress | 2021-04-12
    To start, I highly recommend reviewing this plugin security testing cheat sheet for WordPress. It has the most common WordPress vulnerabilities and you can search the plugins code for these flaws: https://github.com/wpscanteam/wpscan/wiki/WordPress-Plugin-Security-Testing-Cheat-Sheet
  • wordpress enumeration without wpscan
    reddit.com/r/oscp | 2021-03-27
    There is one annoying "gotcha" when using WPScan, especially plugin enumeration, which is that for the best results you have to go an extra step and add the "--plugins-detection mixed" option. It is documented in our user documentation - https://github.com/wpscanteam/wpscan/wiki/WPScan-User-Documentation#enumeration-modes
  • Best free security plugin for WP website?
    reddit.com/r/Wordpress | 2021-03-12
    There is a free WordPress security scanning service that you could leverage for regular security auditing of your site called WPScan that is fantastic at detecting and auditing common vulnerabilities to plugins and security exposures.
  • How to tell if a plugin is being used?
    reddit.com/r/Wordpress | 2021-02-19
    wpscan will audit for plugins used that have publicly exposed vulnerabilities. The methods of detection are quite clever and it works well.
  • What tools am I gonna use to check a particular website's open ports
    reddit.com/r/Kalilinux | 2021-02-02
    It’s called WPScan and available on Github: https://github.com/wpscanteam/wpscan
  • SQL injection attempt on a WordPress site
    Want some advice? Remove "Reliable online pharmacy" and "Viagra Super Active" from the keywords, so you take yourself off the bots' target list. The injection attempt was surely carried out by a bot. And maybe take a look at this: https://github.com/wpscanteam/wpscan